TSG-8236, 修复MESA_jump_layer_greedy跳转到UDP层BUG.

2021-10-28 18:29:19 +08:00
parent 7bea6fa98e
commit ab48f907bf
3 changed files with 170 additions and 68 deletions
--- a/src/MESA_jump_layer.cpp
+++ b/src/MESA_jump_layer.cpp
@@ -290,6 +290,10 @@ static int gtp_jump_to_layer(const char *raw_data,  int raw_layer_type, int expe
 		return -1;
 	}

+	if(skip_len < 0){
+		return -1;
+	}
+
 	return gtp_hdr_len + skip_len;
 }

@@ -426,6 +430,10 @@ static int l2tp_jump_to_layer(const char *raw_data,  int raw_layer_type, int exp
 		}
 	}

+	if(skip_len < 0){
+		return -1;
+	}
+	
 	return l2tp_hdr_len + skip_len;
 }

@@ -1020,6 +1028,10 @@ static int mpls_jump_to_layer(const char *raw_data,  int raw_layer_type, int exp
 		}
 	}

+	if(skip_len < 0){
+		return -1;
+	}
+
 	return skip_len + mpls_layer_len;
 }

--- a/test/gtest_jump_layer.cpp
+++ b/test/gtest_jump_layer.cpp
@@ -132,7 +132,7 @@ static int jump_check_tcp_pkt(const struct tcphdr *thdr, int expect_tcp_hdr_offs
 static int jump_check_udp_pkt(const struct udphdr *uhdr, unsigned short expect_udp_tot_len, unsigned short expect_sport_host, unsigned short expect_dport_host)
 {
 	if(ntohs(uhdr->len) != expect_udp_tot_len){
-		printf("\033[1;31;40mMESA_net_jump_to_layer(): udp header length error!\033[0m\n");
+		printf("\033[1;31;40mMESA_net_jump_to_layer(): udp header length error, actual:%u, but expect:%u!\033[0m\n", ntohs(uhdr->len), expect_udp_tot_len);
 		return -1;
 	}
 	
@@ -206,7 +206,6 @@ static void jump_layer_eth_ipv4_tcp(u_char *result_val, const struct pcap_pkthdr
 {
 	int ret;
 	const void *eth_header, *ipv4_header, *tcp_header;
-	const void *next_header;

 	eth_header = (void *)data;

@@ -217,9 +216,21 @@ static void jump_layer_eth_ipv4_tcp(u_char *result_val, const struct pcap_pkthdr
 		pcap_breakloop(g_jmp_pcap_handle);
 		return;
 	}	
+	ret = jump_check_ipv4_pkt((struct ip*)ipv4_header, 60, IPPROTO_TCP, "192.168.10.250", "192.168.10.234");
+	if(ret < 0){
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;		
+	}

-	const struct ip* ip4hdr = (struct ip*)ipv4_header; 
-	jump_check_ipv4_pkt(ip4hdr, 60, IPPROTO_TCP, "192.168.10.250", "192.168.10.234");
+	const void *greedy_ipv4_header = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV4);
+	if(greedy_ipv4_header != ipv4_header){
+		/* 就一层ip, 没有嵌套, greedy结果应该是一样的 */
+		printf("\033[1;31;40mjump_layer_eth_ipv4_udp(): greedy jump to ipv4 error!\033[0m\n");
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;	
+	}

 	tcp_header = MESA_net_jump_to_layer((void *)ipv4_header, ADDR_TYPE_IPV4, ADDR_TYPE_TCP);
 	if(NULL == tcp_header){
@@ -246,7 +257,22 @@ static void jump_layer_eth_ipv4_tcp(u_char *result_val, const struct pcap_pkthdr
 	}		

 	const struct tcphdr* thdr = (struct tcphdr *)tcp_header; 
-	jump_check_tcp_pkt(thdr, 40, 58725, 22);
+	ret = jump_check_tcp_pkt(thdr, 40, 58725, 22);
+	if(ret < 0){
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;		
+	}
+
+	const void *greedy_tcp_header = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_TCP);
+	if(greedy_tcp_header != tcp_header){
+		/* 就一层ip, 没有嵌套, greedy结果应该是一样的 */
+		printf("\033[1;31;40mjump_layer_eth_ipv4_udp(): greedy jump to tcp error!\033[0m\n");
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;	
+	}
+	

 	printf("\033[32mjump_layer_eth_ipv4_tcp_entry() test succ\033[0m\n");	

@@ -277,7 +303,6 @@ static void jump_layer_eth_ipv4_udp(u_char *result_val, const struct pcap_pkthdr
 {
 	int ret;
 	const void *eth_header = data, *ipv4_header, *udp_header;
-	const void *next_header;

 	ipv4_header = MESA_net_jump_to_layer(data, ADDR_TYPE_MAC, ADDR_TYPE_IPV4);
 	if(NULL == ipv4_header){
@@ -303,6 +328,15 @@ static void jump_layer_eth_ipv4_udp(u_char *result_val, const struct pcap_pkthdr
 		return;
 	}		

+	const void *greedy_ipv4_header = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_UDP);
+	if(greedy_ipv4_header != udp_header){
+		/* 就一层udp, 没有嵌套, greedy结果应该是一样的 */
+		printf("\033[1;31;40mjump_layer_eth_ipv4_udp(): greedy jump to udp error!\033[0m\n");
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;	
+	}	
+
 	const struct ip* ip4hdr = (struct ip*)ipv4_header; 
 	ret = jump_check_ipv4_pkt(ip4hdr, 175, IPPROTO_UDP, "192.168.210.153", "111.161.107.181");
 	if(ret < 0){
@@ -1119,76 +1153,132 @@ extern "C" char jump_layer_eth_ip4_udp_teredo_udp_ip6_udp_entry(struct streaminf

 	return APP_STATE_DROPME;
 }
+#endif

-extern "C" char jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(struct streaminfo *pstream,void **pme, int thread_seq, void *a_packet)
+static void jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(u_char *result_val, const struct pcap_pkthdr *hdr, const u_char *data)
 {
 	int ret;
-	int tot_pkt_len;
-	const void *pkt_header;
-	const void *next_header;
-	int opt_len;
-	unsigned short tunnel_type = STREAM_TUNNLE_NON;
+	const void *eth_header = data;
+	const void *outer_ipv6_header;
+	const void *outer_udp_header;
+	const void *gtp_header;
+	const void *inner_ipv4_header;
+	const void *inner_tcp_header;

-	if(pstream->pktstate == OP_STATE_PENDING){
-		opt_len = sizeof(short);
-		ret = MESA_get_stream_opt(pstream, MSO_STREAM_TUNNEL_TYPE, &tunnel_type, &opt_len);
-		if((ret < 0) || (tunnel_type != STREAM_TUNNEL_GPRS_TUNNEL)){
-			return APP_STATE_DROPME; 
+
+	outer_ipv6_header = MESA_net_jump_to_layer(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV6);
+	if(NULL == outer_ipv6_header){
+		printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): eth->vlan->ipv6 error!\033[0m\n");
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;
 	}		
-	
-		ret = get_rawpkt_opt_from_streaminfo(pstream, RAW_PKT_GET_DATA, &pkt_header);
+	ret = jump_check_ipv6_pkt((struct ip6_hdr*)outer_ipv6_header, 64, IPPROTO_UDP, "2409:8034:4025::1:941", "2409:8034:4040:5300::205");		
 	if(ret < 0){
-			printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(), get_rawpkt_opt_from_streaminfo()->RAW_PKT_GET_DATA error!\033[0m\n");
-			sendto_test_result(GTEST_SAPP_ERR);		
-			exit(1);
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;
 	}
-		ret = get_rawpkt_opt_from_streaminfo(pstream, RAW_PKT_GET_TOT_LEN, &tot_pkt_len);
+
+	outer_udp_header = MESA_net_jump_to_layer(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_UDP);
+	if(NULL == outer_udp_header){
+		printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): eth->vlan->ipv6->udp error!\033[0m\n");
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;
+	}			
+	ret = jump_check_udp_pkt((const struct udphdr *)outer_udp_header, 64, 2152, 2152);
 	if(ret < 0){
-			printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(), get_rawpkt_opt_from_streaminfo()->RAW_PKT_GET_TOT_LEN error!\033[0m\n");
-			sendto_test_result(GTEST_SAPP_ERR);	
-			exit(1);
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;
 	}	

-		next_header = MESA_net_jump_to_layer_greedy(pkt_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV6);
-		if(NULL == next_header){
-			printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(): eth->vlan->ipv6 error!\033[0m\n");
-			sendto_test_result(GTEST_SAPP_ERR);	
-			exit(1);
-		}		
-		const struct ip6_hdr* inner_ip6hdr = (struct ip6_hdr*)next_header; 
-		jump_check_ipv6_pkt(inner_ip6hdr, 64, IPPROTO_UDP, "2409:8034:4025::1:941", "2409:8034:4040:5300::205");		
-
-
-		const struct ip * inner_ip4hdr;
-		inner_ip4hdr = ( struct ip *)MESA_net_jump_to_layer_greedy(pkt_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV4);
-		if(NULL == next_header){
-			printf("\033[1;31;jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(): eth->ipv6->udp->gtp->ipv4 error!\033[0m\n");
-			sendto_test_result(GTEST_SAPP_ERR);	
-			exit(1);
-		}				
-		if(inner_ip4hdr != a_packet){
-			printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(): inner ip4 header is not equal with plug_entry->a_packet!\033[0m\n");
-			sendto_test_result(GTEST_SAPP_ERR);	
-			exit(1);
+	const void *greedy_udp_hdr = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_UDP);
+	if(greedy_udp_hdr != outer_udp_header){
+		printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): greedy jump eth->vlan->ipv6->udp error!\033[0m\n");
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;
 	}

-		next_header = MESA_net_jump_to_layer_greedy(pkt_header, ADDR_TYPE_MAC, ADDR_TYPE_TCP);
-		if(NULL == next_header){
+	gtp_header = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_GPRS_TUNNEL);
+	if(NULL == gtp_header){
+		printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): greedy jump eth->vlan->ipv6->udp->gtp error!\033[0m\n");
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;
+	}
+	
+	inner_ipv4_header = ( struct ip *)MESA_net_jump_to_layer(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV4);
+	if(NULL == inner_ipv4_header){
+		printf("\033[1;31;jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): eth->ipv6->udp->gtp->ipv4 error!\033[0m\n");
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;
+	}				
+
+	ret = jump_check_ipv4_pkt((struct ip *)inner_ipv4_header, 40, IPPROTO_TCP, "10.16.131.196", "112.49.26.208");
+	if(ret < 0){
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;		
+	}
+
+	const void *greedy_inner_ip4_hdr = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_IPV4);
+	if(greedy_inner_ip4_hdr != inner_ipv4_header){
+		printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): greedy jump eth->vlan->ipv6->udp->ipv4 error!\033[0m\n");
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;
+	}	
+
+	
+	inner_tcp_header = MESA_net_jump_to_layer(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_TCP);
+	if(NULL == inner_tcp_header){
 		printf("\033[1;31;jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry(): eth->ipv6->udp->gtp->ipv6->tcp error!\033[0m\n");
-			sendto_test_result(GTEST_SAPP_ERR);	
-			exit(1);
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;		
 	}		
 	
-		const struct tcphdr* thdr = (struct tcphdr *)next_header; 
-		jump_check_tcp_pkt(thdr, 20, 47892, 80);
-
-		printf("\033[32m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcpall_entry() test succ\033[0m\n");
-		sendto_test_result(GTEST_SAPP_SUCC);		
+	ret = jump_check_tcp_pkt((struct tcphdr *)inner_tcp_header, 20, 47892, 80);
+	if(ret < 0){
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;		
 	}

-	return APP_STATE_DROPME;
+	const void *greedy_tcp_hdr = MESA_jump_layer_greedy(eth_header, ADDR_TYPE_MAC, ADDR_TYPE_TCP);
+	if(greedy_tcp_hdr != inner_tcp_header){
+		printf("\033[1;31;40m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp(): greedy jump eth->vlan->ipv6->udp->ipv4->tcp error!\033[0m\n");
+		*result_val = -1;
+		pcap_breakloop(g_jmp_pcap_handle);
+		return;
+	}	
+
+	printf("\033[32m jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp() test succ\033[0m\n");
+
+	*result_val = 0;
+	return;
 }
-#endif
+
+
+#define __jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp  1
+TEST(jump_layer, eth_vlan_ip6_udp_gtpext_ip4_tcp)
+{
+	int fun_ret;
+	u_char chk_res = -1;
+
+	fun_ret = jmp_file_md5_checksum("./sample_pcap/eth_vlan_ip6_udp_gtpext_ip4_tcp.pcap", "d51cebb81e70baaf9568f13af867f6c4");
+	ASSERT_EQ(fun_ret, 0);
+
+	fun_ret = jmp_pcap_init("./sample_pcap/eth_vlan_ip6_udp_gtpext_ip4_tcp.pcap", jump_layer_eth_vlan_ip6_udp_gtpext_ip4_tcp, (u_char *)&chk_res);
+	ASSERT_EQ(fun_ret, 0);
+
+	ASSERT_EQ(chk_res, 0);
+}
+

 int main(int argc, char *argv[])
 {
--- a/test/sample_pcap/eth_vlan_ip6_udp_gtpext_ip4_tcp.pcap
+++ b/test/sample_pcap/eth_vlan_ip6_udp_gtpext_ip4_tcp.pcap